<?php
    if(exponent_users_isLoggedIn())
    {
        $_REQUEST['ajax_action']=1;
        profilemodule::start_CRM();
        $link = explode("|", base64_decode($_REQUEST['id']));
        $module=$link[0];
        $id=$link[1];
        $type=$link[2];
        $name=$link[3];
        $content_type=$link[4];
        $contact=$link[5];
        $pdf=$link[6];
        $pdf = str_replace( '^', '', $pdf ); 
        if($contact!=md5(exponent_sessions_get('contact_id')))
        {
            $return['res']="no";
            $return['mes']='You can\'t download this file!';
            echo json_encode($return);
        }
        else
        {
            $config=$db->selectObject('profilemodule_global_config','1=1');
            $cookie="PHPSESSID=".$config->session_id;
            switch($module)
            {
                case 'invoices':
                $url = $config->baseurl.'index.php?entryPoint=generatePdf&templateID='.$pdf.'&task=pdf&module=AOS_Invoices&uid='.$id;
                break;
                default:
                $url = $config->baseurl.'index.php?entryPoint=download&id='.$id.'&type=Documents';
                
            }
            
            $file_name=md5(exponent_sessions_get('contact_id').$name.$id);
            profilemodule::downloadFile($url,"$file_name.$type");
            $return['url']=base64_encode("tmp/CRM_files/$file_name.$type|$name");
            $return['res']="ok";
            echo json_encode($return);
        }
    }
    else
    {
        $return['res']="no";
        $return['mes']='You much login to download this file!';
        echo json_encode($return);

    }
?>
